Introducing, The New Prevx Edge.

Discussion in 'Prevx Releases' started by trjam, Nov 13, 2008.

Thread Status:
Not open for further replies.
  1. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, that's true, and malware may start doing that, but at the same time, if the malware got thru a normal AV and then severed off the internet, the AV would be unable to update to download the newest definitions.

    Therefore, I don't think this is an Edge-only issue. There are actually a great deal of pieces of malware which add AV update urls to the HOSTs file to block them from updating with varying success.

    Also, if you have malware which is blocking you from connecting to the internet, you'll notice pretty quickly and start wondering what's going on. Users would generally then contact their AV company and, at least in our case, we will then work to manually fix their computer to remove the threat blocking us from "updating" our knowledge of the local PC.
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Edge also does fix the HOSTs file if it detects malicious changes to it that could block Edge or other popular AVs from scanning :)
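The HOSTS-file tampering described in the two posts above can be audited with a short script. This is an added example, not part of the original thread and not Prevx's code; the watchlist hostnames and the sample file contents are constructed placeholders.

```python
import ipaddress

# Hypothetical watchlist of AV update hostnames (constructed, not real endpoints).
WATCHLIST = {"update.av-vendor.example", "defs.scanner.example"}

# Constructed sample of a tampered hosts file.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1    localhost
::1          localhost
127.0.0.1    update.av-vendor.example   # appended entry
0.0.0.0      DEFS.scanner.example. cdn.defs.scanner.example
203.0.113.7  update.av-vendor.example
192.168.1.10 fileserver
bad line here
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every valid mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ipaddress.ip_address(fields[0])     # skip lines without a valid address
        except ValueError:
            continue
        for name in fields[1:]:                 # one line may map several names
            yield line_no, fields[0], name.lower().rstrip(".")

def audit_hosts(text, watchlist=WATCHLIST):
    """Flag any hosts entry that overrides DNS for a watched domain or its subdomains."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if not any(name == w or name.endswith("." + w) for w in watchlist):
            continue
        addr = ipaddress.ip_address(ip)
        # Loopback or 0.0.0.0/:: blocks the update; any other address redirects it.
        kind = "sinkholed" if addr.is_loopback or addr.is_unspecified else "redirected"
        findings.append((line_no, ip, name, kind))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print("line %d: %s -> %s (%s)" % finding)
```

On Windows the file to feed in is `%SystemRoot%\System32\drivers\etc\hosts`; any finding for a watched domain deserves review, since a legitimate hosts file rarely pins a vendor's update servers.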
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    sounds good:thumb:
     
  4. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    go to sleep. are you paid hourly?;)
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Haha I'm not :) And this doesn't even count as overtime :) This is just me caring about our products </sentimental>
     
  6. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    I will have to go to the UK and get you a raise. I can be pretty persuasive. :D
     
  7. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    well i am almost there. i can't do without DefenseWall's protection from attack vectors, and a firewall. :thumb:


    Mike
     
  8. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    I might put defensewall back on when Ilya gets the new skinning engine but as far as firewalls just Winders and the Router is all I need. My thoughts are that if it can't execute it can't infect and if it can't infect it can't call home.
     
  9. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    or i would simply restore that snapshot from an archive or failing that for some reason, nuke the whole set from a fresh image i take 2 times a day.

    nothing is perfect. i recall the days when unless you were skilled at manually removing infections your only option was to reformat. malware has evolved and so have anti-malware tools. Edge is an outside the box paradigm produced by forward thinking software engineers and coders, backed by phenomenal resources and infrastructure. there is no other company like Prevx, there is no other product like Prevx Edge, so some folk just need to get over themselves.

    Edge. have you slobberknocked your malware today? :D


    Mike
     
  10. Cretemonster

    Cretemonster Registered Member

    Joined:
    Mar 31, 2005
    Posts:
    79
    That's cute but what's the point?

    I'd say it's fair that little test can be used to make almost anything look silly.

    Anyone who would tune a heuristic to that level will spend the next 24 hrs.. sorry... 24 yrs... repairing False Positives.

    Yes, the internet is vital but it also affects each and every known antivirus when it pertains to new threats.

    Speaking of new threats, if anyone has ever had a conversation with a real heuristic engineer in any AV company, they will tell you all, stringing server side crypted malware with a preset determination is close to impossible and is totally impossible to treat globally, again, all day repairing slews of False Positives.

    Basically speaking, the best you'll ever see is 90% detection rates and this speaks nothing for onboard real time protection because it does not implement any preset rules that were already intact.

    Detection Rates and AV Testing in general are conceptually misleading at best, they do not ever reflect the true capacity of any defense system or resident antivirus product.
     
  11. maddawgz

    maddawgz Registered Member

    Joined:
    Aug 13, 2004
    Posts:
    1,316
    Location:
    Earth
    don't be so lazy lol..:isay:
     
  12. webbit

    webbit Registered Member

    Joined:
    Nov 2, 2008
    Posts:
    223
    so can prevx edge be used as a stand alone or with other anti viruses, every time i used to run prevx along side bit defender and i had a problem bit defender support always blamed prevx, they told me only to use 1 security product
     
  13. webbit

    webbit Registered Member

    Joined:
    Nov 2, 2008
    Posts:
    223
    i have a licence for prevx csi, yet when i try to download prevx edge and run it only csi runs strange??
     
  14. webbit

    webbit Registered Member

    Joined:
    Nov 2, 2008
    Posts:
    223
    oops sorry just read some more on this so now i know its answer, and also i uninstalled csi and put edge on and edge worked, will my csi licence work for edge
     
  15. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    I would prefer real-time protection of Edge over on-demand CSI. And the novice friendly approach is ideal, since it's not me monitoring the machine on a daily basis. I don't want a central scanning option, would like it better if the clients themselves could scan themselves. Since you are working on Edge Enterprise, may I recommend adding an option for offline db or making server(s) act as proxy repository, just like Enterprise AV software.

    I thought CSI and Edge would be same :oops: Guess, CSI would be better on Wine, will check it out on any old linux machine I find around on Monday.

    Thanks again :thumb:
     
  16. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    ok, back from sleep.

    i left the 42 undetected samples on my machine, by this i mean the ones that prevx could not detect by both the scanner, or behaviour-based detection.

    so, while joe has to check the 157 the scanner missed, i'm still curious to know about the completely un-detected samples.

    so, when i arrived back to my laptop this morning, i ran a scan with EDGE and it found some more infections and cleaned those, quite a few malware downloaders, but mainly malicious stuff.

    so, from the 42 completely undetected samples, currently remains 24, of which 5 are zero-byte.

    does he have more to check? ... i have no idea.

    but it should be said, no software is perfect, however.. support is lightning quick and samples are being added very quickly indeed.

    feels really good to get back to my drweb and prevx setup that i'm sooo used to.
     
  17. webbit

    webbit Registered Member

    Joined:
    Nov 2, 2008
    Posts:
    223
    i have run edge on my system and it found this, surely a false positive
     


  18. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    yeah, most likely.

    right click it and report as FP
     
  19. s4u

    s4u Registered Member

    Joined:
    Oct 24, 2007
    Posts:
    441
    Are you guys running it just with or without an AV or also with a firewall?
     
  20. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    my setup is purely what my signature says, with only a hardware firewall in the router.

    but, i'd have no problem what-so-ever using Prevx EDGE on its own,
     
  21. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,096
    Location:
    QC
    I did not have a single problem when using FD-ISR and Px Edge together here (the only bothering is that I cannot exclude the possibly huge FD-ISR's cache directory ["C:\$ISR"] from automatic Edge's system scanning, but Prevx support told me that this exclusion feature is now on their TO DO list).

    BTW, the FD-ISR icon is simply there to give the user an optional easy access to the GUI, so not having this icon present in system tray won't impair FD-ISR functionality in any way ;) , I personally prefer to simply use a PowerPro's hotkey to fastly start the GUI when needed.
     
  22. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    running without firewall. One nice combo I found is Edge and Sandboxie. Working very well together.
     
  23. Cretemonster

    Cretemonster Registered Member

    Joined:
    Mar 31, 2005
    Posts:
    79
    @webbit

    Please rescan and let me know the outcome.
     
  24. Nunes

    Nunes Registered Member

    Joined:
    Apr 4, 2006
    Posts:
    103
    Location:
    AMADORA,Portugal
    Just PM about this.

    I must say that a complete scan usually takes a long time, and even when I abort the scanning it takes ~1 minute to stop.

    The only scan that doesn't take too long is the quick scan with optimizing.

    I have thousands of files in my PC so can this be the reason?

    I have rootkit analyzers but never found one.
     
  25. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    Hi there,

    have you already sent us all the samples? (Even the 19 undetected ones?) :)
     